I got a bounced back message that I never sent. I was profoundly shocked to discover (through the header info) that the message originated from dotworlds.net; a site that ostensibly is a spoof email service provider.
Should such sites be allowed to exist?
I got an email "failure delivery notification" but i did not sent that email. It had my email address though.
So I contacted host and got a very quick reply:
Quote:
The is caused due to the email spoofing. Someone was spoofing your email account and sending mails by adding the mail header so that the appears to have originated from the actual source. By setting SPF record correctly in the DNS zone of the domain, we can almost prevent this.
Here The SPF record was not setup correctly. Now we have made some changes in the SPF record in the DNS zone file "/var/named/domainname.com.db".
------------
v=spf1 a mx ip4:67.21.1.226 ?all -----> v=spf1 a mx ip4:67.21.1.226 ~all
------------
Now I can understand that they have quickly fixed the problem. BUT I need to learn more on what is going on here.
I can understand that email spoofing is that spammer is sending email with header that shows it is my email address (which it is not).
But I dont understand the second part that a DNS record fix it.
What does that DNS line mean,
DNS stuff is really complicated and am lost when it comes to it.
Is there any way to stop spammers from spoofing my address? I've had issues ever since I started this server with getting bounced spam where the "From:" field was (jibberish)@mydomain.com which was annoying but not that constant.
I came online this morning to check my mail and had over 1200 e-mails and all of them have "online@wellsfargo.com" as the "From:" address, but the message-ID has my domain name in it..
Quote:
------ This is a copy of the message, including all the headers. ------
Return-path: <nobody@host.mydomain.com>
Received: from nobody by host.mydomain.com with local (Exim 4.63)
(envelope-from <nobody@host.mydomain.com>)
id 1Hju9b-0002y3-TH
for lwilder1999@yahoo.com; Fri, 04 May 2007 05:32:43 -0400
To: lwilder1999@yahoo.com
Subject: Update Your Account Records
From: Wells Fargo Online <online@wellsfargo.com>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1Hju9b-0002y3-TH@host.mydomain.com>
Date: Fri, 04 May 2007 05:32:43 -0400
There's gotta be some way (make that 1204.. just got 4 more bounces) to block spammers from doing this. Could someone help a newbie out?
How do you defend against browser spoofing? From the tutorials shown at [url]. it seems really easy to spoof a firefox useragent.
View 5 Replies View RelatedI'm concerned about dns spoofing
As explained here:
w w w. securesphere(dot)net/download/papers/dnsspoof.htm
I note the recommendations:
- To limit the cache and check that it's not keeping additional records.
- Not to make security systems to use/rely on DNS.
- Use cryptography like SSL, even if the problem remains the same, it increase difficulty level for the attacker (See article on Man in the Middle)
I did not on another site that the latest version of BIND for DNS should be installed.
I'm quite sure I'm being attacked in this way by a guy on the same network as my numerous commercial websites.
I'm setting a new server. I'm getting my own name server.
What steps should I take to best protect my self and my business against these attacks please?
(firewall? tips etc beside the above?) Please let me know as I want to set up and have a better than even bet I have shaken the guy.
I have similar problem that explained [url]
The detail of my problem is below:
Some people sent spoofing mails from our mail users sent to our user from Postfix/local that is listed in maillog like below:
Apr 29 16:57:02 ns1 postfix/local[3075]: EC2153565E3: to=<user-mydomain.com@ns1.mydns.com>, orig_to=<user@mydomain.com>, relay=local, delay=486, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
Bu i do not know how to prevent this people not to use my Postfix/local delivery part. How can i prevent this attack?
When i connect to my mail server to sent or receive my mail it look like
Apr 29 17:25:28 ns1 dovecot: pop3-login: Login: user=<user@mydomain.com>, method=PLAIN, rip=***.***.***.***, lip=***.***.***.***
....
Apr 29 17:25:55 ns1 dovecot: POP3(user@mydomain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0....
But the attackers connect directly like below:
Apr 29 17:29:59 ns1 postfix/local[2456]: 3192E357FD9: to=<user-mydomain.com@ns1.mydns.com>, orig_to=<user@mydomain.com>, relay=local, delay=261, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
....
Apr 29 17:29:59 ns1 postfix/qmgr[2218]: 3192E357FD9: removed
How can the spammer connect to Postfix/local part? My mail server not open relay. i test it from internet.
Is RapidLeech legal in the US?
View 7 Replies View RelatedI'm kinda confused about warez linking allowed VPS hosters.. Most of them they say "Warez Linking is allowed" "AS LONG AS IT'S LEGAL" Is there a legal warez? I though that warez is illegal in the first place!
I'm planing to buy a VPS Plan from fsckvps.com, but I'm afraid they might terminate my account, so want to make sure if I will work fine with them, I've contacted them as pre-sale question, they said that warez linking is allowed as long as nothing is hosted on their server.
Okay, Now what's legal warez? My site content actually is New worldwide music albums, info, Movies, Cracked/nulled softwares..
Download links are included, but hosted on sharing site such as 4shared.com etc..
Will this be fine? Or I might experience account termination?
I'm just inches away from purchasing their 512MB RAM Plan, this is my final question.
I have been looking for adult hosting services. Of the businesses I have found that do allow adult hosting, I have seen one stipulation. "Legal adult content". I'm not quite sure on what this means. Does it pertain to the obvious, like no child porn, bestiality, etc. Or is there legalities to the access of the adult content? Though I live in the US, I was not raised nor educated here, and thus not aware of the details here.
All I wish to host is a general content forum where my members can have a section to post 18+ pornography such as you would see in any regular adult video store. I plan to have this in an invite only section of the forum as to keep the content inaccessible to under 18 year olds. I believe this should be within the requirements of legal adult content.
Anyone who knows the details of the term "Legal adult content", could you please clear this up for me?
a company named [url] was with us for almost 4, months and they are using the server which are custom ordered high end server, we didn't took setup fee just because they promise us to stay at list for an year
and from past 2 months they just ranned away somewhere, didn't paid any invoice
i guess we did a big mistake by believing in them
i know these 2 servers wont make a big difference but still just for my info
can anyone suggest if we can take any legal action on them ?
i know there site is still up and running
i would like to present to you a scenario im sure everybody has thought of and has come up against.
1. If you are hosting with a web host and your files and website has been compromised due to the lack of security on the server what actions can you take against the host for this loss?
2. The host has a backup dating back to a week, but of course the data you have accumulated for the week that was lost is very valuable but you cant get it back now because of a flaw with the hosts server, is there anything you can do in a situation like this?
3. What if you are a reseller and have setup several sites for customers. One customer uses a CMS which means he/she will be updaitng their website every now and then and not always you are able to make backups of all the websites hosted by you as the reseller.
Now a weeks or a few days of data have been lost. The client complains and wants to take legal action against the reseller (you) and of course the reseller knows its the problem with the main host you are hosting with. What does the reseller do now with the client and the host whos made the mistake?
4. Clients livelihood depends on his/her Ecommerce website, they make an average turnover. Whether you are hosting on a dedicated or VPS nevertheless data loss has occured because the box was compromised. The blame is put on the host. In a scenario like this what can the customer do? He/She has lost some client details/orders information and products as a whole...? Remember this is a business... and money has been lost. A recovery backup a week old will never be sufficient enough for the loss.
Think about it... what will you do if any of the above four scenarios were to happen to you?
Yes i am aware of the terms. Some hosts will say they are not responsible forData loss in their small prints,
Some will say it is soley up to the customer to make backups,
When it comes to court they will point this out, and you'll be kicking yourself for being so foolish to go with a host in the first place which dosent gurantee the safety of your data.
Customers dont always read the small fine prints. Now realistically speaking what can the customer/client do in a situation like this? Im guessing nothing if the host outlines the terms ive pointed out above?
Is there really a host out there which takes whole responsibility for the loss and damage they create to your websites and businesses online?
I'm looking for a cheap host which offers to host torrent files. It is legal .pdf files i will be offering. Any ideas?
View 10 Replies View RelatedI see lot of threads about DoSes and from what I understand its pretty much up to client to pay expensive prices for a DoS firewall, or just get a few days of downtime and hope the DoS ends when server is put back online.
However, one thing I've been wondering is do providers (unmanaged) normally assist with the legal issues behind this? Like is it up to them to sue the ones DoSing given it's their network, or is it still up to the customer to do that?
I have a ethics and legality scenario I would like to pose here. This is to be considered a fictional scenario and any similarity to any real company or person is unintentional.
COMPANY X has colo racks in DATACENTER and hosts a client named COMPANY Y. COMPANY Y also hosts 50 small web sites on cpanel and 40 VPS servers on their linux VPS node in exchange for a discount or other compensation. During the month of may and COMPANY Y's bill raises from being 3000 past due to over 12000 past due to various reasons including purchasing of hds from the DATACENTER using COMPANY X's account, tech work dont by DATACENTER for COMPANY Y needed also billed to COMPANY X's account, as well as BW and rack costs. Seeing this alrming bill by the end of May COMPANY X begins putting pressure on COMPANY Y to pay some invoices as no payments were received during the entire month of may and COMPANY X is also having a hard time paying DATACENTER due to not being paid by COMPANY Y but makes efforts to pay 25% of the outstanding bill in June.
Near the end of june COMPANY X has had enough and arrives at the datacetner to attempt to move theritr clients off COMPANY Ys hardware so they can suspend service of COMPANY Y completely. On the visit COMPANY X brings 2 new servers in and begins moving clients of their over and COMPANY X notices this action and begins to suspend and remove access to all of COMPANY X's clients. COMPANY X then decided to power off the boxes of COMPANY Y and removes drives containing COMPANY X customer data for offline recovery. and because they beleived the DATACENTER might be untrustworthy enough to release hardware fromt heir rakcs without their permission. The drives were for as much colatteral purposes as for recoverying customer data. They then pack the drives in boxes and a bag and leave the datacenter having spent nearly 20 hours working and head on a long trip home and signs out of the data center in front of various techs holding the server parts and tools.
Upon arriving back to their office/home
They were informed that the removal of the HDs was not allowed byt he datacenter because the account was past due and it was discovered that several drives with cOMPANY X's clients were left in the datacenter which COMPANY X now wishes they had remembered to get. DATACENTER is furious and demands the account be paid in full by a fixed time or the entire colo will be cut power. COMPANY X scrambles to find others to help them and another major client who has alot at risk decides to help and a payment of $7160 is made to DATACETNER but it came in a few minutes past the deadline. DATACETNER had suspended servuce, and cut power but stated they wil return service shortly. Shortly after this it is discovered that several servers belonging to COMANY X and two other companies who were supsended in the same day were not int he rack anymore. DATACENTER accout rep responds with the following message in ICQ/AIM .....
im running a site where users can submit their comic books excerpts or works.
but sometimes there are users that upload copyrighted works.
how to deal with this problem? I have the DMCA legal notice that I copied from other websites and fixed it to suit mine.
I remove any copyrighted material upon request.
I cannot monitor all posting 24/7.
so which hosting, location(us, amsterdam, netherlands?), and other precuations should i take ? is it okay to copy legal stuff from other similar site and change around the wording to fit my site?
I am looking for a UK based VPS from a UK company that allows legal adult hosting. I am ideally looking for at least 40GB space and 500GB b/w to start with.
View 7 Replies View RelatedI'm looking for a host in europe, nl, de ..., with a unmetered 100mbit server that allows me to run legal torrent on it.
My buget are ca 200 euro or so.
Does anyone know the proper avenue for cancelling an account with HostNine? They are giving me the run around and ignoring my requests for a cancellation. I originally tried to cancel my account a couple of months ago by e-mail. They informed me that I had to submit a cancellation request through their website. I have submitted a cancellation request through their website SEVERAL TIMES since then. They never sent me any kind of response or confirmation, so I assumed (wrongly, I guess) that the account was cancelled, but they keep charging my credit card over and over.
I have requested again that the account be cancelled and told them that I would simply perform a chargeback since they are basically billing me for a service that I have continually requested be cancelled via their own online cancellation form using their own process for cancelling accounts. Nick Hudson @ HostNine's response to this was to threaten that they would send attorneys and collection agencies after me. All while claiming that it is "NOT hard" to cancel an account. I agree with them; cancelling your account when the company will actually deal with you should not be hard.
I will be launching a video website like youtube and I have put all the DMCA requirements on it, I'm still not sure if I can get in trouble if someone uploads copyrighted videos, would it make a difference if I get a dedicated server located in Netherlands?
View 5 Replies View RelatedBEST RELIABLE HOSTING, affordable hosting
ALLOWED: warez linking - nulled script - legal porn
warez linking allowed
nulled script allowed
Host Unlimited Domains
Unlimited Sub Domains
Unlimited Email, MySQL, FTP
PHP5, MySQL5, CGI, Perl5
DDOS Proof, ionCube, Ruby
99.99% Uptime Guarantee
cPanel® 11, WHM, Fantastico
Web Hosting Control Panel
MS Frontpage WebSite Hosting
ImageMagick 5.5.2 Support
Unlimited Email and FTP Accounts
Fast, Free 24/7 Tech Suppor
Reseller Hosting Available
2 Web Based E-Mail Programs
Streaming Audio/Video Hosting
SUPER 12$ year
5 Go Storage
30 Gb Transfer
Control Panel
EXPERT 24$/year
20 Gb Storage
100 Gb Transfer
EXPERT 36$/year
50 Gb Storage
600 Gb Transfer
GOLD HOSTING
»FREE DOMAIN NAME
» 100 Gb Disk Space
» Unlimited Bandwidth
50 $/YEAR
RESELLER HOSTING
w w w .azhosty .com
I'm having difficulty sending an email to another email address (with a different domain) which is on the same VPS.The trouble is, on the other domain's VPS control panel, within the DNS settings, the MX records have been pointed externally (to an exchange server). Their email is turned off. But bizarrely, their mailbox is full.
It seems as though Plesk is ignoring the MX records, and sending MY email internally to the OTHER domain's mailbox on the same VPS.How do I get Plesk to send my mail to the correct EXTERNAL MX records?
I had a email address I deleted on my server (postfix on Debian 4), but to my surprise the server still recieves email for the address!
(I have manually tried sending a email to the address and it comes througt).
I have deleted the address from the /etc/postfix/virtual file and restarted postfix.
What could I have forgotten?
One of my customers asked me if is possible technically to offer free email services.
Since he's going to launch a big portal he want to offer such things later, for all users.
Now, there are problems as:
a) if there is any possibility to compress emails similar with GMAIL or YahooMail or so, because i can't imagine the email is uncompressed
b) how can be handled email boxes over multiple (mail ?) servers if the HDD space needed would be larger than for one server HDD ?
I am having an email issue and I can not resolve. I am hoping for some assisstance here.
One of my local clients are not able to email each other in their office. (About 10 employess I believe)
They are using Outlook mail client, and using ISP's SMTP server. They are able to send/recieve email to other users externally, but not intenally.
Using webmail works perfectly fine.
I spoke with my host and the said everything is working fine. I checked with the ISP to see if they are blocking the IP address on the SMTP server. They said they were not.
I have a personal account on the same server and tried to send email to another local email account, and it did not work either. Tried to send email to my clients email and they did not recieve anything.
I am on the same ISP as my client, so Im still not sure if its the ISP or not.
I setup mail piping with Exim so that e-mails sent to a specific account be forwarded to my PHP script. It's not working properly, because when I send a mail to this account, it's bounced by the mailer daemon:
Code:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
pipe to |/home/user/public_html/support/parse.php
generated by support@mydomain.com
local delivery failed
In my /etc/valiases/domain.com file I have:
Code:
support@mydomain.com: "|/home/user/public_html/support/parse.php"
*: :blackhole:
What can be causing the error?
On one my servers, I'm receiving hundreds of spam emails that are clogging up the email queue to email addresses that do not exist.
For instance domain.com, I would get
bob@domain.com
liz@domain.com
325235@domain.com
You get the picture. How do I setup my server so that if there isn't an email address setup the email automatically gets deleted instead of trying to attempt to deliver it?